Contrast AI SmartFix Release
SmartFix is an AI-powered agent that automatically generates code fixes for vulnerabilities identified by Contrast Assess. It integrates into your developer workflow via GitHub Actions, creating Pull Requests (PRs) with proposed remediations.
Please see our README here: https://github.com/Contrast-Security-OSS/contrast-ai-smartfix-action.
v1.0.10 Highlights:
This version introduces Early Access support for Contrast LLM.
Contrast LLM is a secure, sandboxed Contrast-hosted LLM that the SmartFix coding agent can use. It uses your existing Contrast API keys so there is no additional LLM configuration required.
See the /docs folder for details on the Contrast LLM Early Access program.
We added support for the AWS_BEARER_TOKEN_BEDROCK config for longer lived AWS Bedrock LLM authentication support.
We also continued our refactoring effort to support the future development of the SmartFix codebase.
What's Changed
- AIML-123 vulnerability domain boundary implementation by @JacobMagesHaskinsContrast in #56
- AIML-152 bump LiteLLM to 1.77.5 by @JacobMagesHaskinsContrast in #64
- Repo File Sync: synced file(s) with Contrast-Security-OSS/common-file-sync by @contrast-oss-sync-bot[bot] in #65
- AIML-123 domain boundary implementation pr feedback by @JacobMagesHaskinsContrast in #66
- AIML-195: Add support for AWS_BEARER_TOKEN_BEDROCK authentication by @ChrisEdwards in #68
- AIML-123 agent orchestration domain by @JacobMagesHaskinsContrast in #67
- AIML-202 contrast llm config by @JacobMagesHaskinsContrast in #69
- AIML-176 & AIML-172 Get session id for contrast llm and use it for agent communications to the LLM proxy by @JacobMagesHaskinsContrast in #70
- AIML-170 & AIML-171 credit visibility in logs & PRs by @JacobMagesHaskinsContrast in #71
- AIML-229: add telemetry data by @dougj-contrast in #72
- AIML-232 Add linting to build check pipeline by @JacobMagesHaskinsContrast in #73
- AIML-241: Fix duplicate guard aborting legitimate skip flow by @ChrisEdwards in #75
- AIML-233 qa build summary bug by @JacobMagesHaskinsContrast in #74
- AIML-244 remove agent model log for contrast llm usage by @JacobMagesHaskinsContrast in #77
- AIML-171 Add missing Contrast LLM logging by @JacobMagesHaskinsContrast in #78
- AIML-180: Add Contrast LLM Early Access documentation by @JacobMagesHaskinsContrast in #76
- Release candidate v1.0.10 by @JacobMagesHaskinsContrast in #59
New Contributors
- @contrast-oss-sync-bot[bot] made their first contribution in #65
Full Changelog: v1...v1.0.10
